I have been seeing a lot of exploits that write the memory address of functions/code into the EIP and was wondering if there was a way (maybe with gdb or something) that I could use to determine the memory address of some shellcode I am using in a buffer overflow test and use the Python struct library to pack it
Tag: exploit
Double Free – crash or no crash
Can someone explain to me why freeing a twice in a row causes a crash, but freeing a first, then b, and then a again does not crash? I know that a free will insert the heap chunk in a doubly linked free list. Freeing twice would insert the same chunk twice in the free list. But why is the crash
What is vulnerable about this C code?
The way I understand it, the code above allows arbitrary code (or program) execution — what makes this vulnerable, and how does one take advantage of this? Answer: You can override the PATH variable to point to a directory with your custom version of echo and since echo is executed using env, it isn’t treated as a built-in. This constitutes